Skip to content

[report] Support copying directories from containers #4191

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
pmoravec wants to merge 2 commits into
base: main
Choose a base branch
from
Open

[report] Support copying directories from containers #4191

pmoravec wants to merge 2 commits into from
+31 −3

Conversation

@pmoravec
Copy link
Contributor

@pmoravec pmoravec commented Dec 21, 2025
edited
Loading

A minimalistic but efficient way of copying whole directory from a container. It does not work with "runas" where we call "cat", though.

Moreover:

  • support add_forbidden_path on files collected from containers
  • for content of directories copied from a container, let postproc to work on them

Resolves: #4190
Closes: #4191

Please place an 'X' inside each '[]' to confirm you adhere to our Contributor Guidelines

  • Is the commit message split over multiple lines and hard-wrapped at 72 characters?
  • Is the subject and message clear and concise?
  • Does the subject start with [plugin_name] if submitting a plugin patch or a [section_name] if part of the core sosreport code?
  • Does the commit contain a Signed-off-by: First Lastname email@example.com?
  • Are any related Issues or existing PRs properly referenced via a Closes (Issue) or Resolved (PR) line?
  • Are all passwords or private data gathered by this PR obfuscated?

@packit-as-a-service
Copy link

packit-as-a-service bot commented Dec 21, 2025

Congratulations! One of the builds has completed. 🍾

You can install the built RPMs by following these steps:

  • sudo dnf install -y 'dnf*-command(copr)'
  • dnf copr enable packit/sosreport-sos-4191
  • And now you can install the packages.

Please note that the RPMs should be used only in a testing environment.

@pmoravec
Copy link
Contributor Author

pmoravec commented Dec 21, 2025

Ideally, we should implement _expand_copy_spec within a container, to really properly and trully copy all copypaths "as is", e.g. respecting symlinks and following their destinations. With this approach, we get copied content of a symlink destination:

# podman exec foreman ls -l /usr/tmp
lrwxrwxrwx. 1 root root 10 Jun 25  2024 /usr/tmp -> ../var/tmp
# podman exec foreman ls -l /usr/tmp/
total 0
-rw-r--r--. 1 foreman foreman 0 Dec 21 11:32 touch
# 
# mkdir test_dir
# podman cp foreman:/usr/tmp test_dir
# file test_dir/tmp/
test_dir/tmp/: sticky, directory
# ls -l test_dir/tmp/
total 0
-rw-r--r--. 1 root root 0 Dec 21 12:32 touch
#

Our PR mimics this behaviour. Fully correct one would be to traverse the directory within the container (nontrivial in general) and iteratively copy individual files and/or symlinks and/or dirs - every copied piece would have to be prepped by podman exec "what file it is?".

Until there is a need of reliably copy symlinks within containers, that lengthy approach is not needed, imho.

pmoravec added a commit to pmoravec/sos that referenced this pull request Dec 21, 2025
@pmoravec
[report] Support copying directories from containers
a248f26 
A minimalistic but efficient way of copying whole directory from a
container. It does not work with "runas" where we call "cat", though.

Resolves: sosreport#4190
Closes: sosreport#4191

Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
@pmoravec pmoravec force-pushed the sos-pmoravec-container-copy-dir branch from 41e3575 to a248f26 Compare December 21, 2025 12:38
@pmoravec
[report] Support copying directories from containers
4f9830a 
A minimalistic but efficient way of copying whole directory from a
container. It does not work with "runas" where we call "cat", though.

Resolves: sosreport#4190
Closes: sosreport#4191

Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
pmoravec added a commit to pmoravec/sos that referenced this pull request Dec 21, 2025
@pmoravec
[report] Support forbidden paths in containers
382e565 
Let add_forbidden_path to work on collected container files.

Relevant: sosreport#4191

Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
@pmoravec pmoravec force-pushed the sos-pmoravec-container-copy-dir branch from a248f26 to 382e565 Compare December 21, 2025 13:44
pmoravec added a commit to pmoravec/sos that referenced this pull request Dec 21, 2025
@pmoravec
[report] Support forbidden paths and postproc in containers
076599c 
Let add_forbidden_path to work on collected container files.

Furthermore, add all files from copied container directory into
copied_files to allow secrets obfuscation in postproc.

Relevant: sosreport#4191

Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
@pmoravec pmoravec force-pushed the sos-pmoravec-container-copy-dir branch from 382e565 to 076599c Compare December 21, 2025 14:22
@pmoravec
[report] Support forbidden paths and postproc in containers
a1ebf82 
Let add_forbidden_path to work on collected container files.

Furthermore, add all files from copied container directory into
copied_files to allow secrets obfuscation in postproc.

Relevant: sosreport#4191

Signed-off-by: Pavel Moravec <pmoravec@redhat.com>
@pmoravec pmoravec force-pushed the sos-pmoravec-container-copy-dir branch from 076599c to a1ebf82 Compare December 21, 2025 14:27
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Can't collect directory within container

1 participant

@pmoravec